Banzai Cloud Pipeline is an application platform with many services, some of which are optional. The quick start guides use the default configuration of the platform’s components, but you may need to configure the system to your specific requirements.
Edit your Pipeline configuration π︎
To customize your Banzai Cloud Pipeline platform configuration, complete the following steps.
- Find the configuration file of your Banzai Cloud Pipeline installation.
By default, it is the
~/.banzai/pipeline/<workspace>/values.yaml
file. The name of the workspace isdefault
by default. - Open the configuration file. You can customize settings and enable or disable components and services by editing this file. To customize the configuration of a component, add a section with the name of the component to the file. The banzai cli tool automatically passes any parameters in this section to the related component, overriding its default settings.
- For your changes to take effect, run the
banzai pipeline up [--workspace=default]
command and confirm the deployment plan offered.
Let’s take a look at the components and their essential configuration.
Cloudinfo π︎
Cloudinfo collects and organizes the offers of popular cloud providers. It maintains an up-to-date and region-aware list of services (compute, network, and so on) from the configured cloud providers and the company-specific data centers. Its configuration makes decisions about which providers and offers are available at the given site. Cloudinfo serves data essential for other components, like the available instance types, regions, endpoints, or the costs associated with the available resources.
Banzai Cloud Enterprise installations can run Cloudinfo locally.
Recommender π︎
Telescopes is a recommender, it recommends optimal cluster layouts for the user requirements based on the information collected by Cloudinfo. Telescopes takes generic requirements like number of CPUs and amount of memory, and recommends cluster layouts of different cloud providers based on overall price and value.
Banzai Cloud Enterprise installations can run Telescopes locally.
Secret store π︎
Secrets are used everywhere in Banzai Cloud Pipeline: for interactions with cloud providers, Kubernetes clusters, or for applications deployed to the clusters. The platform uses a central Vault service to securely store and manage secrets.
By default, the Vault service uses the database backend of the platform.
Authentication π︎
Banzai Cloud Pipeline uses the Dex OpenID Connect gateway (maintained by Banzai Cloud) to authenticate and authorize users connecting to Pipeline or the clustersβ API servers. It supports SAML 2.0.
The default Banzai Cloud Pipeline installation accepts a static credential (with a random generated password), which is good for a test drive. Production deployments should set up an authentication provider, or alternatively use an existing instance of Dex within the organization.
Another popular authentication provider is Github: see GitHub OAuth based authentication. For enterprise authentication provider integrations, contact us.
CI/CD π︎
Pipeline can integrate to external CI/CD engines to run jobs on clusters managed by Pipeline. If you are interested in integrating Pipeline to your CI/CD solution, contact us.
Image scan π︎
The image vulnerability scan service can scan Docker images for vulnerabilities before they are deployed, and prevent the deployment of images containing vulnerabilities. Pipeline uses the Anchore engine for vulnerability scans.
Open source installations use a publicly available Anchore Open Source installation. Banzai Cloud Enterprise installations can run Anchore locally, or use an external Anchore engine, for example, Anchore Enterprise.
You can enable the security scan feature with the following values.yaml
snippet:
anchore:
enabled: true
ui:
featureSet:
menuSecurityScan: true
menuGroupSecurity: true
Web UI π︎
The web user interface of the Pipeline platform, which uses the APIs exposed by Pipeline.
Note: The web interface supports recent releases of the Apple Safari, Google Chrome, Mozilla Firefox browsers. Use the desktop edition.
Database backend π︎
Pipeline components store all non-reproducible data Pipeline in a relational databases for persistence. The default setup deploys and configures a PostgreSQL instance to the cluster that runs Banzai Cloud Pipeline.
The platform also supports MySQL, as well as other external database services, including, Amazon RDS and Aurora.